Office 365 Advanced Security Management is now Office 365 Cloud App Security.
With Office 365 Cloud App Security, you can define two kinds of policies for your organization:
Activity policies , which are based on activities that you define as suspicious, such as users attempting to sign in with admin credentials in other regions/countries outside what's normal for your organization, or an extreme number of sign-in attempts for a user within an hour.
Anomaly detection policies , which are based on automatic algorithms that detect suspicious activity. A default anomaly detection policy is pre-configured for your organization when you turn on Office 365 Cloud App Security. This default policy watches for anomalies in signing in, access to content, and account activities. You can create additional anomaly detection policies as well.
To create policies based on activity, click here.
To create policies based on detecting anomalies, click here.